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DETAILED ACTION 

Claim Rejections - 35 USC § 102 

1. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Offlce action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign 
country or in public use or on sale in this country, more than one year prior to the date of 
application for patent in the United States. 

2. Claim 1,15, 29 is rejected under 35 U.S.C. 102(b) as being fully anticipated by R. 
Woodburn and D. Mills herein after referred as Woodburn (Network Working Group 
Request for Comments: 1241). 

As per claim 1 : 

Woodburn substantially teaches in the RFC 1241 of Internet Encapsulation 
Protocol that creating and assigning a virtual address to a client process (Page 2, 
Paragraph 9). The examiner interpreted the user space defined by Woodburn as any 
client, either a physical host or a process node having physical or virtual address 
respectively (Figure 1; Page 13, Section D; Figure 4). Woodburn teaches issuing a first 
Internet Protocol version compliant packet, wherein the first Internet Protocol version 
compliant packet comprises a security context (Figure 1; Figure 2); prepending an 
issued packet with a second Internet Protocol version header producing a second 
Internet Protocol version compliant packet (Figurel; Figure 2; Page 4, Paragraph 3); 
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and fonA/arding the second Internet Protocol version compliant packet to a recipient 
(Figure 1, Page 5,Paragraph 1). 

Woodburn substantially teaches also stripping away the second Internet Protocol 
version compliant header from the second Internet Protocol version compliant packet 
producing a stripped packet at the recipient (Page 9, Section 6; Figure 1); decrypting 
and authenticating the stripped packet using a particular method as indicated by the 
security context producing a decrypted and authenticated packet (Page 1 5, Section F). 
The examiner thinks that Woodburn provided clear indication on how to apply 
authentication and routing the decrypted packet to a recipient process using the virtual 
address (Page 12, Paragraph 7) 

As per claim 15: 

Woodburn substantially teaches in the RFC 1241of Internet Encapsulation 
Protocol that an authentication server daemon that replies to a Supernet Attach 
Command (Page 15, Paragraph 3) and the examiner thinks that Woodburn provided 
clear indication on how to apply authentication. Woodburn teaches a virtual address 
daemon that maintains a mapping of the Supernet configuration information performing 
the following steps (Page 13, Paragraph 3; Page 14, Paragraph 2; Page 15, Paragraph 
2) and the examiner interpreted, the virtual network or Internet with special 
encapsulation and virtual interfaces in combination with defined mapping function which 
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are disclosed by Woodburn. as a system that serves the purpose of the virtual address 
daemon. 

Woodburn substantially teaches in the RFC 1241 of Internet Encapsulation 
Protocol that creating and assigning a virtual address to a client process (Page 2, 
Paragraph 9). The examiner interpreted the user space defined by Woodburn as any 
client either a physical host or a process node having physical or virtual address 
respectively (Figure 1; Page 13, Section D; Figure 4). Woodburn teaches issuing a first 
Internet Protocol version compliant packet, wherein the first Internet Protocol version 
compliant packet comprises a security context (Figure 1; Figure 2); prepending an 
issued packet with a second Internet Protocol version header producing a second 
Internet Protocol version compliant packet (Figurel; Figure 2; Page 4, Paragraph 3); 
and foHA^arding the second Internet Protocol version compliant packet to a recipient 
(Figure 1, Page 5, Paragraph 1). 

Woodburn substantially teaches also stripping away the second Internet Protocol 
version compliant header from the second Internet Protocol version compliant packet 
producing a stripped packet at the recipient (Page 9, Section 6; Figure 1); decrypting 
and authenticating the stripped packet using a particular method as indicated by the 
security context producing a decrypted and authenticated packet (Page 15, Section F). 
The examiner thinks that Woodburn provided clear indication on how to apply 
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authentication and routing the decrypted packet to a recipient process using the virtual 
address (Page 12, Paragraph 7) 

As Per claim 29: 

Woodburn substantially teaches in the RFC 1241 of Internet Encapsulation 
Protocol that the RFC 1241 provides a means or perfonning encapsulation in the 
Internet environment (Page 4 , Paragraph 1) and creating and assigning a virtual 
address to a client process (Page 2, Paragraph 9). The examiner interpreted the user 
space defined by Woodburn as any client, either a physical host or a process node 
having physical or virtual address respectively (Figure 1; Page 13, Section D; Figure 4). 
Woodburn teaches issuing a first Internet Protocol version compliant packet, wherein 
the first Internet Protocol version compliant packet comprises a security context (Figure 
1; Figure 2); prepending an issued packet with a second Internet Protocol version 
header producing a second Internet Protocol version compliant packet (Figurel; Figure 
2; Page 4, Paragraph 3); and fonA^arding the second Internet Protocol version compliant 
packet to a recipient (Figure 1, Page 5, Paragraph 1). 

Woodburn substantially teaches also stripping away the second Internet Protocol 
version compliant header from the second Internet Protocol version compliant packet 
producing a stripped packet at the recipient (Page 9, Section 6; Figure 1); decrypting 
and authenticating the stripped packet using a particular method as indicated by the 
security context producing a decrypted and authenticated packet (Page 15, Section F). 
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The examiner thinks that Woodburn provided clear indication on how to apply 
authentication and routing the decrypted packet to a recipient process using the virtual 
address (Page 12, Paragraph 7) 

Claim Rejections - 35 USC § 103 

3. The following is a quotation of 35 U.S.C. 103(a) which fomis the basis for all 

obviousness rejections set forth in this Office action: 

A patent may not be obtained though the invention is not identically disclosed or 
described as set forth in section 102 of this title, if the differences between the 
subject matter sought to be patented and the prior art are such that the subject 
matter as a whole would have been obvious at the time the invention was made 
to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was 
made. 

4. Claim 2-13, 16-28 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Woodburn in view of Silvano Gai (IPv6 The new Protocol for Internet and Intranet, 
published 12/12/97, http://www.IP.com) 

As per claim 2: 

Woodburn does not explicitly teach that the first Internet Protocol is version 6. 
However, Silvano teaches that first Internet Protocol version compliant packet is Internet 
Protocol version 6 compliant packet (Page 230, Figure 2-12). Therefore, it would have 
been obvious to a person in the art at the time the invention was made to modify the 
method disclosed by Woodburn that the first internet protocol is version 6. This 
modification would have been obvious because a person having ordinary skill in the art 
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at the time of the invention was made, would have been motivated to do so since it is 
suggested by Woodbum (Page 15, Paragraph 2). 

As per claim 3: 

Woodburn does not explicitly teach that the second Internet Protocol is version 4. 
However, Silvano teaches that the second Internet Protocol version compliant packet is 
Internet Protocol version 4 compliant packet (Page 230, Figure 2-12). Therefore, it 
would have been obvious to a person in the art at the time the invention was made to 
modify the method disclosed by Woodburn that the second internet protocol is version 
4. This modification would have been obvious because a person having ordinary skill in 
the art at the time of the invention was made, would have been motivated to do so since 
it is suggested by Woodburn (Page 15, Paragraph 2). 

As per claim 4: 

Woodburn does not explicitly teach that the authentication server daemon. 
However, Silvano teaches the application of IPv6 security features applying AH and 
ESP using different ways (Page 160, Section 8.3) on the limitations of issuing the 
packet including executing a Supernet Attach Command with an authentication server 
daemon; responding to the Supernet Attach Command with a Supernet configuration 
infomiation comprising the security context in the address; registering a mapping of the 
Supernet configuration information with a virtual address daemon. Therefore, it would 
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have been obvious to a person in the art at the time the invention was made to modify 
the method disclosed by Woodburn that issuing the packet to comprises daemon 
servers. This modification would have been obvious because a person having ordinary 
skill in the art at the time of the invention was made, would have been motivated to do 
so since it is suggested by Silvano (Figure 8, 9-13). 

As per claims 5 and 19: 

Woodburn does not explicitly teach that the security context address. However, 
Silvano teaches the application of IPv6 security features applying AH and ESP using 
different ways (Page 160, Section 8.3) addressing the limitations (virtual address, 
Supernet identity, and a channel identity). Therefore, it would have been obvious to a 
person in the art at the time the invention was made to modify the method disclosed by 
Woodburn that the security context includes virtual address, Supernet identity, and a 
channel identity. This modification would have been obvious because a person having 
ordinary skill in the art at the time of the invention was made, would have been 
motivated to do so since it is suggested by Woodburn (Figure 4). 

As per claims 6 and 20: 

Neither Woodburn nor Silvano explicitly teach that the security context comprised 
of 128 bit unique value. However, using IPv6 packets, it is obvious and very well known 
to those skilled in the art that the claimed security context can be set to be comprised of 
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a 128 bit unique value for an intended purpose as evidenced by similar bit setting in 
Silvano (Page 156, Figure 8-5). 



As per claims 7 and 21 : 

Neither Woodburn nor Silvano explicitly teach that the security context comprised 
of a 16 bit set and a 1 12 bit set. However, using IPv6 packets, headers and addressing, 
it is obvious and very well known to those skilled in the art that the claimed bit partition 
to be comprised of a 16 bit set and a 112 bit set value for an intended purpose as 
evidenced by similar bit setting in Silvano (Page 154, Figure 8-1). 

As per claims 8 and 22: 

Neither Woodburn nor Silvano explicitly teach that 16 bit set denotes a site local 
Internet protocol address comprising 12 bits for an address prefix followed by 4 bits for 
a zero value. However it is obvious and very well known to those skilled in the art that 
denoting a 16 bit set to a site Internet protocol address comprising 12 bits for an 
address prefix followed by a b4 bit of a zero value for an intended purpose as evidenced 
by similar bit setting in Silvano (Page 156, Figure 8-5). 

As per claims 9 and 23: 

Neither Woodburn nor Silvano explicitly teach that the 112 bit set comprises 
contiguous bits for the Supernet identifier, the Channel identifier, and the virtual 
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address. However, it is obvious and very well known to those skilled in the art that the 
112 bit can be set to be contiguous and partitioned for the Supernet identifier, the 
Channel identifier, and the virtual address for the intended purpose as evidenced on the 
specification of the application itself (Page 8, Paragraph 0030) which this letter is 
addressing. 

As per claims 10 and 24: 

Neither Woodburn nor Silvano explicitly teach that 112 bit set comprises 64 bits 
Supernet identifier, 24 bits Channel identifier, and 24 bits virtual address. However, it is 
obvious and very well known to those skilled in the art that the 112 bit can be set to be 
partitioned to 64 bits Supernet identifier, 24 bits Channel identifier, and 24 bits virtual 
address for the intended purpose as evidenced on the specification of the application 
itself (Page 8, Paragraph 0030) which this letter is addressing. 

As per claim 1 1 : 

Woodburn does not explicitly teach that the virtual address daemon maps virtual 
addresses. However, Silvano teaches the virtual address daemon maps the virtual 
address of the recipient process within the Supernet to an actual Internet protocol 
address (Figure 8-11). Therefore, it would have been obvious to a person in the art at 
the time the invention was made to modify the method disclosed by Woodburn that the 
virtual address daemon maps virtual addresses. This modification would have been 
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obvious because a person having ordinary sl^ill in the art at the time of the invention was 
made, would have been motivated to do so since it is suggested by Woodburn (Page 4, 
Paragraph 3). 

As per claims 12 and 26: 

Neither Woodburn nor Silvano explicitly teach that the security context is 
encoded. However, it is obvious and very well known to those skilled in the art that the 
security context can be encoded according to a given standard format (encoding 
definition in American Heritage College dictionary). 

As per claims 1 3 and 27: 

The applicant of this application suggested that any packet management 
infrastructure may be used, appreciated by those skilled in the art, to obtain security 
context from the stripped packet using a handler mechanism (Page 9, Paragraph 0031). 
Therefore, it is obvious and very well known to those skilled in the art that the security 
context is obtained from the stripped packet using a handler mechanism. 

5. Claim 14 and 28 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Woodburn in view of Gang et al (Mobile IPv6 solution based on Linux Netfilter 
framework Dai Gang; Ma Yan; Info-tech and Info-net, 2001. Proceedings. ICII 2001 - 
Beijing. 2001 International Conferences on Volume 5, 29 Oct.-1 Nov. 2001 Page(s): 306 
-310 vol.5) 
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As per claims 14 and 28: 

Woodburn does not explicitly teach the handler mechanism is Netfilter. However, 
Gang teaches that the handler mechanism is a Netfilter (Diagram2). Therefore, it would 
have been obvious to a person in the art at the time the invention was made to modify 
the method disclosed by Woodburn that the handler mechanism is Netfilter. This 
modification would have been obvious because a person having ordinary skill in the art 
at the time of the invention was made, would have been motivated to do so since it is 
suggested on the specification of the application itself (Page 8, Paragraph 0031) which 
this letter is addressing. . 

Conclusion 

6. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

a. Loukola et. la . 0-8186-9014/98 IEEE 

Teaches new possibilities offered by IPv6 on bringing security to the 
Internet in IP level. Major simplifications in IPv6 and it header extensions 
are also discussed. 

b. S.Kent. RFC 2402 1998 
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Discloses the security architecture applying the Encapsulating Security 
Pay load (ESP) header in combination with the IP Authentication Header 
(AH) to provide security services in IPv4 and IPv6. 

c. Rolf Oppliger 001 8-91 62/98 IEEE 

Rolf teaches on security at Internet layer focusing on IP security 
architecture. 

d. Samad etia. 0-7803-7565-3/02 IEEE 

Discusses Intemet protocol IP6, IPv4, transition tools, tunneling, 
encapsulation methods, and on how to deploy IPv6 over IPv4 tunnel 

7. Any inquiry concerning this communication from the examiner should be directed 
to Techane Gergiso whose telephone number is (571) 272-3784. The examiner can 
normally be reached between 8:00am to 6:00pm. If any attempts to reach the examiner 
by telephone are unsuccessful, the examiner's supervisor, Albert Decady, can also be 
reached on (571 ) 272-381 9. The fax number is (703) 305-371 8. _^ 




Techane Gergiso 




Patent Examiner 
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